
Email Phishing Attacks Rise 57 Per Cent as AI Tricks More Users Than Ever


Email phishing remains one of the most prevalent and damaging vectors for cyber attacks worldwide. While phishing is not a new threat, recent developments in artificial intelligence and identity-based attack techniques have made these campaigns increasingly sophisticated.

Organisations that rely solely on traditional email security measures are discovering that even well-established defences may no longer suffice. This ongoing trend highlights a surge in email phishing incidents that exploit AI-generated content, legitimate domains, and human behaviour, creating a complex landscape that demands proactive strategies to protect sensitive information and maintain operational continuity.

Email threats are getting smarter

The 2024 Darktrace report reveals a significant shift in the methods used by attackers to penetrate corporate defences. Cybercriminals are increasingly using AI to craft emails that closely mimic human writing styles, making them far more convincing to recipients.

According to a Darktrace survey, 82 per cent of email users could not distinguish AI-generated messages from genuine human communication. This advancement not only increases the likelihood of successful attacks but also poses a challenge for traditional security solutions, which are often configured to detect known email phishing patterns rather than novel, AI-crafted content.

Attackers are also leveraging legitimate platforms and trusted domains to distribute malicious messages. By hijacking or spoofing recognised services, they increase the perceived legitimacy of the email, lowering suspicion among recipients. The same report notes that 57 per cent of email phishing attempts it intercepted were able to bypass all existing security layers, emphasising the growing difficulty organisations face in preventing unauthorised access through conventional filtering and scanning tools.

The human factor in email phishing attacks

While technology continues to evolve, the human element remains a critical vulnerability. Social engineering techniques exploit innate tendencies, such as trust, urgency, and authority, to manipulate recipients into revealing sensitive information or clicking on malicious links. Identity-based attacks, where attackers impersonate senior executives, colleagues, or service providers, can be particularly effective in gaining access to privileged systems or confidential data.

This reliance on human error means that even organisations with strong technical defences are not immune. Employees may inadvertently disclose login credentials, approve fraudulent transactions, or install malware without realising the threat. This ongoing trend underscores that training and awareness programmes are essential to complement technical measures, highlighting that phishing is as much a behavioural challenge as a technological one.

Zero-day exploitation and targeted campaigns

Email phishing attacks are increasingly being paired with zero-day vulnerabilities and targeted campaigns. Threat actors often conduct reconnaissance to identify high-value individuals or systems before deploying customised emails designed to exploit specific weaknesses. This combination of human manipulation and technical exploitation enables attackers to bypass conventional security measures, allowing for higher success rates.

Targeted campaigns also extend to critical infrastructure and sectors where the impact of a compromise can be severe. Governments, financial institutions, and energy providers are often the focus of such campaigns, with attackers seeking not just financial gain but also strategic advantage.

The integration of zero-day exploits into email phishing campaigns demonstrates the urgency for organisations to adopt multi-layered defences, including continuous monitoring, incident response preparedness, and threat intelligence sharing.

Emerging trends in email phishing attacks

The evolution of phishing is not limited to AI-generated content or targeted campaigns. Threat actors are exploiting a variety of vectors to maximise reach and effectiveness. These include the use of legitimate cloud services, collaboration platforms, and even video conferencing tools to deliver malicious payloads. Hybrid campaigns, combining email phishing with vishing or SMS phishing, are becoming more common, increasing the likelihood of a successful breach.

Generative AI also allows attackers to scale their operations rapidly. AI-driven campaigns can craft unique messages for thousands of recipients within minutes, personalised to enhance credibility. This shift requires organisations to rethink traditional approaches to email security and adopt strategies that focus on detection, behavioural analysis, and rapid incident response rather than relying solely on static filters or spam-blocking solutions.

Consequences for organisations

The impact of successful email phishing attacks can be significant. Beyond immediate financial loss, compromised credentials or data breaches can lead to operational disruption, reputational damage, and regulatory penalties.

For companies handling sensitive personal or financial information, compliance with laws such as Singapore’s Personal Data Protection Act (PDPA) or other global privacy regulations is essential. A single successful phishing attack can jeopardise years of investment in security and governance frameworks.

Organisations must recognise that email phishing attacks are rarely isolated incidents. They are often part of broader campaigns, where an initial compromise can be leveraged to infiltrate deeper systems, exfiltrate sensitive data, or launch secondary attacks such as ransomware or distributed denial-of-service attacks. Maintaining vigilance, continuous training, and robust monitoring is therefore essential to mitigate both immediate and long-term risks.

How Privacy Ninja helps organisations defend against email phishing

In light of the growing sophistication of phishing attacks, organisations require both technical expertise and human-focused strategies. Privacy Ninja provides services designed to address these needs comprehensively. Our phishing simulation programmes allow businesses to test employee awareness and readiness against real-world attack scenarios, providing actionable insights to strengthen defences.

Complementing this, our DPO-as-a-Service ensures that organisations maintain compliance with the PDPA, while our incident response services facilitate rapid investigation and containment of security events.

Vulnerability Assessment and Penetration Testing (VAPT) is another key service, simulating attacks to identify weaknesses in both infrastructure and operational practices. By combining technical audits, realistic testing, and staff training, Privacy Ninja helps organisations build an adaptive and proactive security posture. These measures ensure that businesses are not only prepared to detect and respond to phishing attacks but also capable of maintaining continuity in the event of a breach.

These ongoing cybersecurity trends illustrate that email phishing remains a critical risk, amplified by AI-driven tactics, identity-based attacks, and sophisticated targeting. Organisations cannot rely solely on traditional security tools or policies. Effective defence requires a combination of technological defences, continuous monitoring, and comprehensive staff training to address the human factor. As phishing campaigns continue to evolve, adopting proactive, multi-layered strategies becomes essential to mitigate the risks and ensure operational resilience.

Partnering with expert services like Privacy Ninja enables organisations to bridge the gap between awareness and capability, providing realistic testing, staff preparedness, and rapid response measures to safeguard sensitive information and maintain trust in an increasingly complex cyber environment.
